Sector-Specific & Emerging
Operational controls for sector-specific & emerging — with maturity levels, evidence requirements, and implementation guidance.
Not sure where to start? Answer 3 questions and get a tailored compliance action plan.
What applies to me? →3 controls matching filters
Clinical AI Governance Committee Charter
Establish a healthcare-specific AI governance committee with clinical and technical expertise, defined quorum and decision rights, escalation authority over AI systems involved in clinical decision support and patient care, and a review cadence aligned to FDA Software as a Medical Device (SaMD) guidance and applicable state clinical standards.
Critical Infrastructure AI Risk Assessment and Containment
Define a sector-specific risk assessment process for AI systems deployed in critical infrastructure environments — including energy, water, transportation, and financial market infrastructure — that addresses operational technology (OT) blast-radius containment, consequence-of-failure analysis, and cross-sector dependency risk distinct from standard enterprise AI risk frameworks.
National Security and Dual-Use AI Risk Assessment
Establish a risk assessment process for AI systems and AI research activities that could constitute dual-use technology — with applications in both commercial and national security or weapons contexts — addressing BIS export control obligations, ITAR compliance for defense applications, dual-use research of concern protocols, and foreign adversarial misuse monitoring.